BeyondTrust

Security in Context: The BeyondTrust Blog


5 steps to securing the small business (that don’t cost a penny)

Posted May 1, 2013    Andy Clark

For many small businesses, considerable constraints on both budget and personnel can make implementing good security practice feel like an insurmountable challenge. Recent news gives us a constant reminder of the threats we all face from hacktivists, electronic espionage, and good old-fashioned script kiddies out to cause damage. These threats are very real, and it makes good business sense to reduce your attack surface as much as possible. However, picking the right solution can become a daunting task, especially because of the heavy impact these solutions (and their implementation) can have on already tight margins. With that in mind, here are five steps that any business can take to improve security, without spending a penny.

1. Configuration

Let’s start with the basics. Configuring an environment is not simply a matter of plugging everything together and letting it run. By making changes and implementing best practice on your network, operating systems, and applications, you can significantly reduce your attack surface. BeyondTrust Research has produced a white paper, “In Configuration We Trust”, that includes guidance on how to go about implementing some of these changes. To make life that little bit easier, we’ve also produced a free tool that helps you assess your environment for some of the common configuration issues. Both of these free tools are available for download here.

2. Vulnerability Management

All systems have vulnerabilities. There, I said it. Sadly, this is a product of both human error and human ingenuity. The combination of mistakes made by developers and the increasing ingenuity of the hacker community has led to an inexorable rise in the number of exploitable vulnerabilities that are discovered and announced. Black market exploit tool kits are making it almost childishly simple for attackers to discover and exploit weaknesses in existing systems. It is every organization’s responsibility to keep its environment secure, but to do this you need to know what holes exist. Vulnerability management is a great step towards achieving this goal. Retina CS Community edition is a free vulnerability management solution that can scan up to 256 assets and identify any vulnerabilities in configuration, operating system, and installed applications. The solution covers not just servers and desktops but also databases, web applications, and mobile devices. It also includes data on known exploits in the wild. Knowledge is power; go get some. Download Retina CS Community Free Now.

3. IDS

An Intrusion Detection System is one of those things that many organizations think they should have but never really understand. The solution is designed to track all of the network traffic in and out of your organization and highlight those instances that may be evidence of an attack. Network-based appliances can be very expensive, but there is an excellent open source alternative. Developed by Sourcefire, Snort® is an open source network intrusion prevention and detection system (IDS/IPS). Combining the benefits of signature, protocol, and anomaly-based inspection, Snort is the most widely deployed IDS/IPS technology worldwide. With millions of downloads and nearly 400,000 registered users, Snort has become the de facto standard for IPS. All that is required is a system to host it. Snort can be found here.

4. Antivirus

There are many, many antivirus solutions available, and they all have their pros and cons. Since we’re going for free here, there are a couple of options to consider. Assuming you’re running a Microsoft Windows platform, you will have access to Microsoft’s Security Essentials. It’s by no means the best of the bunch, but since it comes pre-installed it’s very easy to get started with. If you’re looking for something that has more advanced protection, then may I suggest the rather excellent Avast free antivirus, which can be found here. One thing to consider is that most malware attacks are looking to leverage elevated privileges, so by removing these you can decrease your vulnerability surface area considerably. BeyondTrust’s PowerBroker for Windows solution snaps into your existing Active Directory structure and allows you to elevate applications and processes at a very granular level, effectively removing administrator rights throughout your organization. For more information about PowerBroker for Windows and to begin a free trial, visit us here.

5. Education

All of the solutions I have described above are designed to mitigate risk from a technical perspective and are all very capable of doing so. However, they cannot entirely protect you from the threat of social engineering. Phishing attacks are on the rise, and these can be either very broad in scope or highly targeted against individuals. The value of an educated workforce that understands the risks should not be underestimated. Whether it’s a bored office junior browsing the wrong websites or a CEO receiving individually crafted malicious emails, an understanding of the inherent risks of data leakage can greatly improve your response to attacks. Security-aware cultures are not created overnight, and it will take time and effort on everyone’s part to achieve one. This dedication is always worth the investment. To help make your program a success, SANS has some excellent free resources here.
